diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..681dc7b
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,98 @@
+name: CI Pipeline
+
+on:
+ push:
+ branches: [ "main", "develop" ]
+
+env:
+ REGISTRY: docker.io
+ IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/tech-stack-advisor
+
+jobs:
+ build-and-test:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.11'
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install -r requirements.txt
+ - name: Train model
+ run: python train.py
+
+ - name: Test application
+ run: |
+ # Check if model files were created
+ if [ -f "model.pkl" ] && [ -f "encoders.pkl" ]; then
+ echo "✅ Model files created successfully"
+ else
+ echo "❌ Model files missing"
+ exit 1
+ fi
+ - name: Upload model artifacts
+ uses: actions/upload-artifact@v4
+ with:
+ name: trained-models
+ path: |
+ model.pkl
+ encoders.pkl
+ docker-build:
+ needs: build-and-test
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Download model artifacts
+ uses: actions/download-artifact@v5
+ with:
+ name: trained-models
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Extract metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.IMAGE_NAME }}
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=sha,prefix={{branch}}-
+ type=raw,value=latest,enable={{is_default_branch}}
+ - name: Build and push multi-architecture image
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ - name: Generate build summary
+ run: |
+ echo "## 🐳 Docker Build Summary" >> $GITHUB_STEP_SUMMARY
+ echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY
+ echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY
+ echo "| Image | \`${{ env.IMAGE_NAME }}\` |" >> $GITHUB_STEP_SUMMARY
+ echo "| Platforms | linux/amd64, linux/arm64 |" >> $GITHUB_STEP_SUMMARY
+ echo "| Tags | ${{ steps.meta.outputs.tags }} |" >> $GITHUB_STEP_SUMMARY
+ echo "| Registry | Docker Hub |" >> $GITHUB_STEP_SUMMARY
\ No newline at end of file
diff --git a/.github/workflows/docker-compose.yaml b/.github/workflows/docker-compose.yaml
new file mode 100644
index 0000000..f50b3a8
--- /dev/null
+++ b/.github/workflows/docker-compose.yaml
@@ -0,0 +1,25 @@
+version: '3.8'
+services:
+tech-stack-advisor:
+build: .
+ports:
+- "7860:7860"
+environment:
+- ENV=production
+healthcheck:
+test: ["CMD", "python", "-c", "import urllib.request;
+urllib.request.urlopen('http://localhost:7860', timeout=5)"]
+interval: 30s
+timeout: 10s
+retries: 3
+start_period: 40s
+restart: unless-stopped
+nginx:
+image: nginx:alpine
+ports:
+- "80:80"
+volumes:
+- ./nginx.conf:/etc/nginx/nginx.conf:ro
+depends_on:
+- tech-stack-advisor
+restart: unless-stopped
\ No newline at end of file
diff --git a/.github/workflows/goose-pr-review.yml b/.github/workflows/goose-pr-review.yml
new file mode 100644
index 0000000..4617650
--- /dev/null
+++ b/.github/workflows/goose-pr-review.yml
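Review bot: The `Generate build summary` step at the end of the hunk expands `${{ steps.meta.outputs.tags }}` and `${{ env.IMAGE_NAME }}` directly into the shell script; `tags` is derived from the branch name (`type=ref,event=branch`, `type=sha,prefix={{branch}}-`), so ref text is pasted into bash unquoted, and because that output is a newline-separated list the markdown table row is split as well. The trigger is limited to pushes to main and develop, which keeps the exposure small, but this is the pattern GitHub's script-injection guidance warns against; passing both values through the step's `env:` and quoting them as shell variables, as below, removes it. The workflow also declares no `permissions:` block, so the job token gets the repository default, which may be read/write; `permissions: contents: read` at the top of the file should cover everything this pipeline does with the token (registry login uses the Docker Hub secrets, not the token). Third-party actions are referenced by mutable major-version tags; pinning them to a commit SHA would make the build reproducible against tag moves.
```yaml
# … unchanged: build-and-test job and the earlier docker-build steps …
      - name: Generate build summary
        env:
          IMAGE: ${{ env.IMAGE_NAME }}
          TAGS: ${{ steps.meta.outputs.tags }}
        run: |
          {
            echo "## 🐳 Docker Build Summary"
            echo "| Property | Value |"
            echo "|----------|-------|"
            echo "| Image | \`$IMAGE\` |"
            echo "| Platforms | linux/amd64, linux/arm64 |"
            # tags is newline-separated; join it so the table row stays on one line
            echo "| Tags | $(printf '%s' "$TAGS" | tr '\n' ' ') |"
            echo "| Registry | Docker Hub |"
          } >> "$GITHUB_STEP_SUMMARY"
```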
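Review bot: The compose file is committed under `.github/workflows/`, where GitHub Actions loads every `.yml`/`.yaml` as a workflow; a file with no `on:` or `jobs:` keys there is flagged as an invalid workflow, so it belongs at the repository root (or a `deploy/` directory) instead. As rendered in this diff none of the keys after `services:` are indented, whereas the ci.yml hunk in the same commit does show its single-space indentation: `build`, `ports`, `healthcheck` and `image` sit at the same level as `services`, and `ports` and `restart` then repeat as top-level keys, which a YAML parser either rejects or resolves last-wins — please confirm the committed file nests `tech-stack-advisor:` and `nginx:` under `services:` and each service's settings under it. `version: '3.8'` is ignored by current Compose and only produces a warning, so it can be dropped. `./nginx.conf` is mounted read-only but is not part of this commit; if nginx is meant to front the app on port 80, the proxy configuration should be added alongside so it can be reviewed with the rest.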
@@ -0,0 +1,82 @@
+name: Goose AI PR Review
+
+on:
+ pull_request:
+ types: [opened, synchronize, reopened, labeled]
+ workflow_dispatch:
+
+permissions:
+ contents: write
+ pull-requests: write
+ issues: write
+
+env:
+ PROVIDER_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+ PR_NUMBER: ${{ github.event.pull_request.number }}
+ GH_TOKEN: ${{ github.token }}
+
+jobs:
+ goose-comment:
+ name: Goose Comment
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Gather PR information
+ run: |
+ {
+ echo "# Files Changed"
+ gh pr view "$PR_NUMBER" --json files \
+ -q '.files[] | "* " + .path + " (" + (.additions|tostring) + " additions, " + (.deletions|tostring) + " deletions)"'
+ echo ""
+ echo "# Changes Summary"
+ gh pr diff "$PR_NUMBER"
+ } > changes.txt
+ - name: Install Goose CLI
+ run: |
+ mkdir -p /home/runner/.local/bin
+ curl -fsSL https://github.com/block/goose/releases/download/stable/download_cli.sh \
+ | CONFIGURE=false INSTALL_PATH=/home/runner/.local/bin bash
+ echo "/home/runner/.local/bin" >> "$GITHUB_PATH"
+ - name: Configure Goose
+ run: |
+ mkdir -p ~/.config/goose
+ cat > ~/.config/goose/config.yaml <<'EOF'
+ GOOSE_PROVIDER: google
+ GOOSE_MODEL: gemini-2.0-flash-exp
+ keyring: false
+ EOF
+ - name: Prepare review instructions
+ run: |
+ # Read custom instructions from repository
+ cat .goose/instructions.txt > review_instructions.txt
+ echo "" >> review_instructions.txt
+ echo "The changes to review are:" >> review_instructions.txt
+ cat changes.txt >> review_instructions.txt
+ - name: Run Goose AI review
+ env:
+ GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+ run: |
+ goose run --instructions review_instructions.txt \
+ | sed -E 's/\x1B\[[0-9;]*[mK]//g' \
+ | grep -v "logging to /home/runner/.config/goose/sessions/" \
+ | grep -v "^starting session" \
+ | grep -v "^Closing session" \
+ | sed 's/[[:space:]]*$//' \
+ > pr_comment.txt
+ - name: Post AI review to PR
+ run: |
+ {
+ echo "## 🤖 AI Code Review"
+ echo "*Automated review by Goose + Google Gemini*"
+ echo ""
+ cat pr_comment.txt
+ echo ""
+ echo "---"
+ echo "*This review was automatically generated. Use human judgment for final decisions.*"
+ } > final_comment.txt
+
+ gh pr comment "$PR_NUMBER" --body-file final_comment.txt
diff --git a/.goose/instructions.txt b/.goose/instructions.txt
new file mode 100644
index 0000000..e8d4b8e
--- /dev/null
+++ b/.goose/instructions.txt
@@ -0,0 +1,50 @@
+You are an expert DevOps engineer reviewing code changes for a machine learning application.
+
+Focus your review on these key areas:
+
+## 🐳 Docker & Containerization
+- Dockerfile best practices and optimization
+- Multi-stage builds and layer efficiency
+- Security considerations (non-root users, minimal base images)
+- Health checks and restart policies
+
+## 🏗️ Infrastructure & Orchestration
+- Docker Compose service configuration
+- Service dependencies and networking
+- Volume mounts and data persistence
+- Load balancing and proxy setup
+
+## 🔒 Security & Best Practices
+- Exposed ports and network security
+- Environment variable management
+- Container security practices
+- Access controls and permissions
+
+## 🚀 CI/CD & Automation
+- Workflow efficiency and optimization
+- Security scanning integration
+- Caching strategies and performance
+- Error handling and reliability
+
+## 📊 Code Quality
+- Configuration file structure and clarity
+- Documentation and maintainability
+- Production readiness
+- Scalability considerations
+
+## Review Format
+Please structure your review as:
+
+**`filename`**
+- Summary of changes
+- Key observations
+- Recommendations for improvement
+- Security or performance notes
+
+**Overall Assessment:**
+- Rate: Excellent/Good/Needs Improvement
+- Main strengths
+- Priority improvements
+- Production readiness assessment
+
+Keep feedback constructive, specific, and actionable.